[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

A case for SSL specialist programmers

To: or-talk@xxxxxxxxxxxxx
Subject: A case for SSL specialist programmers
From: "Total Privacy" <nosnoops@xxxxxxxxxxx>
Date: Thu, 09 Nov 2006 02:22:45 -0800
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Thu, 09 Nov 2006 05:22:55 -0500
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

Hi, to some https super gurus maybe on this forum! 

I´ve did some easy research over the net about different approach 
for websites fooling out real IP numbers from users, and besides 
the usual stuff (javascript, active-x, flash plugins etc) I get 
some hints about the https SSL protocol itself may collect the 
users real IP, also when the user is using anonymizers. 

When I check at the https://proxify.com/whoami/ trough Tor, I 
only see the Tor exit node IP and not my real. Same thing when 
cheking my SSL webmail accounts log of login IP and also in 
the headers of emails send from that https webmail, it only 
shows the Tor exit node IP. 

The question is then, are that perhaps any hidden information 
streams into the SSL connection, that is able to get the real 
IP, but only make the last IP (Tor exit node) visible to user? 

Or is it that simple, when the Tor IP is showed, then it´s the 
only IP the https website collect? 

Thanks for any answer of knowledge. 





-- 
http://www.fastmail.fm - The way an email service should be

Follow-Ups:
- Re: A case for SSL specialist programmers
  - From: lester psigal

Prev by Author: Troubles for tortuga
Next by Author: Re: Possible fishing attempt for eBay
Previous by thread: Re: Tor Network Status Website - Reduce the page size!!
Next by thread: Re: A case for SSL specialist programmers
Index(es):
- Author
- Thread